New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-13738 enforce additional ntp sources added into chrony #5295
OCPBUGS-13738 enforce additional ntp sources added into chrony #5295
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: filanov The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #5295 +/- ##
==========================================
+ Coverage 67.50% 68.57% +1.06%
==========================================
Files 221 221
Lines 33044 34508 +1464
==========================================
+ Hits 22307 23664 +1357
- Misses 8726 8754 +28
- Partials 2011 2090 +79
|
Chrony configuration applied into machine config manifest based on the reply from the agent, meaning that when user add additional ntp source first the service will ask the agent to add it then return the reply to the service it will be stored in the DB and used to create the machine config chrony configuration Because NTP is a soft validation, in ZTP flow there are cases that the installation will start before the agent return a reply to the service, it will mean that those sources will not be applied, to avoid that when building the manifests in addition to taking the agent reply the additional ntp sources will be added directly from the DB The downside of this solution is that if the source is incorrect it will appear in /etc/chrony.conf but not in `chronyc sources` and it will not be resolved as the regular reply from the agent It will not harm the cluster installation or affect the cluster after the installation if the source is incorrect
05f0b46
to
b07c77b
Compare
If there was no race and we did whatever we do to add the sources to the host during discovery, would the user have seen an error? Or put another way, are we doing anything to attempt to check the validity of these sources currently? |
so what we are doing right now is what i described in the commit message
Meaning that invalid sources will not be added, but on the other had the user requested something so it will make sense to add them even if right now they are not available. in addition we had a lot of confusion from the users related to the resolution that the agent is doing, we are being asked |
I'm fine with this. I think it's less confusing to add the ntp sources the user asks for even if they may be incorrect as long as it doesn't negatively impact the cluster. They can always remove or change the sources using the machineconfig once the cluster is installed. |
If the user asked for an NTP source, we should add it. It might currently be offline or unreachable, but later on, it will be (for example, if the cluster is relocated). It looks like this PR doesn't fix the actual race though - is that in a different PR? |
/lgtm |
The way to resolve the race is to add additional validation that will block the installation, but it will conflict with another validation that is not required so it will create a strange UX for the user, in ACM we don't have defaults so with another validation we will require the user to add additional NTP sources. With the proposed solution we will copy exactly what the user requested. |
@filanov: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/cherry-pick release-ocm-2.8 |
@filanov: new pull request created: #5308 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
…hift#5295) Chrony configuration applied into machine config manifest based on the reply from the agent, meaning that when user add additional ntp source first the service will ask the agent to add it then return the reply to the service it will be stored in the DB and used to create the machine config chrony configuration Because NTP is a soft validation, in ZTP flow there are cases that the installation will start before the agent return a reply to the service, it will mean that those sources will not be applied, to avoid that when building the manifests in addition to taking the agent reply the additional ntp sources will be added directly from the DB The downside of this solution is that if the source is incorrect it will appear in /etc/chrony.conf but not in `chronyc sources` and it will not be resolved as the regular reply from the agent It will not harm the cluster installation or affect the cluster after the installation if the source is incorrect
Chrony configuration applied into machine config manifest based on the reply from the agent, meaning that when user add additional ntp source first the service will ask the agent to add it then return the reply to the service it will be stored in the DB and used to create the machine config chrony configuration
Because NTP is a soft validation, in ZTP flow there are cases that the installation will start before the agent return a reply to the service, it will mean that those sources will not be applied, to avoid that when building the manifests in addition to taking the agent reply the additional ntp sources will be added directly from the DB
The downside of this solution is that if the source is incorrect it will appear in /etc/chrony.conf but not in
chronyc sources
and it will not be resolved as the regular reply from the agentIt will not harm the cluster installation or affect the cluster after the installation if the source is incorrect
Example i added
harta,barta
in additional ntp sourcesThey didn't return from the agent so without this code they will not be added to the installation event if there is no race
After installation
List all the issues related to this PR
What environments does this code impact?
How was this code tested?
Checklist
docs
, README, etc)Reviewers Checklist